20160312

Inside “Eligible Receiver”

Excerpted from Dark Territory: The Secret History of Cyber War by Fred Kaplan. Out now from Simon & Schuster. On Wednesday, March 9, Kaplan will discuss his book in New York; for more information and to RSVP, visit the New America website.

On June 9, 1997, 25 officials of the National Security Agency—members of a security squad known as the “Red Team”—hacked into the computer networks of the Department of Defense, using only commercially available equipment and software. It was the first high-level exercise testing whether the U.S. military’s leaders, facilities, and global combatant commands were prepared for a cyber attack. And the outcome was alarming.

The simulated hack was the brainchild of the NSA director, Lt. Gen. Kenneth Minihan, who, before coming to the agency, had been commander of the Air Force Information Warfare Center in San Antonio, Texas. The center’s tech crews had been detecting frequent hackings of U.S. military computer networks, and had come up with ways to counter them—but few senior officers took notice or cared.

Each year, the Pentagon’s Joint Staff held an exercise called Eligible Receiver—a simulation or war game designed to highlight some threat or opportunity on the horizon. Minihan wanted the next exercise to test the vulnerability of the U.S. military’s networks to a cyber attack. The most dramatic way to do this, he proposed, was to launch a real attack on those networks. He’d heard about small-scale exercises of this sort, against battalions or air wings of the Army or Air Force. In these war games, he’d been told, the hackers always succeeded.

The NSA Red Team was part of the Information Assurance Directorate, the defensive side of the agency, stationed in FANEX, a drab brick building out near Friendship Airport, a 20-minute drive from NSA headquarters at Fort Meade, Maryland. During its most sensitive drills, the Red Team worked out of a chamber called the Pit, which was so secret that few people at NSA knew it existed, and even they couldn’t enter without first passing through two combination-locked doors.

In its workaday duties, the Red Team probed for vulnerabilities in new hardware or software that had been designed for the Defense Department, sometimes for the NSA itself. These systems had to clear a high bar to be deemed secure enough for government purchase and installation. The Red Team’s job was to test that bar.